cryptofree howto Linux: Fedora 25 OpenVPN using gnome
Side note: Anything that says "youruser" in data paths, please change to your actual user. This process worked for me with multiple repeated attempts. It might not work exactly the same for you depending on your setup. I have never posted on this forum so forgive me if I'm not following rules. Also, cryptostorm staff -- Please let me know if I did anything wrong or have improvements to add on to this. I hope this helps your community. Thanks!
1. Download the config file here: viewtopic.php?f=58&t=6374
2. Open this config file and copy the ca.crt text out of the config file (don't copy the <ca> and </ca> part). Save the file as ca.crt in your /home/youruser/Downloads folder.
3. Run the following in your terminal separately with sufficient permissions (root):
Code: Select all
mv /home/youruser/Downloads/ca.crt ~/.cert
restorecon -R -v ~/.cert
semanage fcontext -a -t home_cert_t /home/youruser/Downloads/ca.crt
restorecon -R -v /home/youruser/Downloads/ca.crt
4. Using your Gnome desktop, go to Network, click "Add" or the "+". Then choose OpenVPN.
5. Name your VPN connection what ever you prefer.
6. Keep firewall zone default.
7. Gateway can be any one of the following:
8. Authentication Type is "Password". Make up any User name and Password here. Just don't keep it blank!
9. Choose the "ca.crt" file you saved in /home/youruser/Downloads/ earlier under the "CA Certificate" area. If the certificate no longer exists because you moved it in the earlier commands, then just place a new copy.
10. Click on the "Advanced" button and do the following.
- General Tab
a. Check Use LZO data compression.
b. Keep everything else unchecked.
- Security Tab
a. Select Cipher: AES-253-CBC
b. Keep "use custom size of cipher key" unchecked.
c. Select HMAC Authentication: SHA-512.
- Leave TLS Authentication tab alone.
- Leave Proxies tab alone.
11. Click "OK" to close the Open VPN Advanced Options window. Then click "Apply" on the VPN you created to apply all changes.
12. Turn the VPN you just created "ON". It should connect.
Congrats! You just connected to cryptofree!